How to programmatically change Active Directory password

执念已碎 2020-11-27 14:28

I have a set of test accounts that are going to be created, but the accounts will be set up to require a password change on the first login. I want to write a program in C# to

6条回答
  • 2020-11-27 14:43

    Here is the solution:

    // Administrative reset performed by writing the unicodePwd attribute directly.
    // Active Directory accepts writes to unicodePwd only over an encrypted connection
    // (for example LDAPS). NOTE(review): the bind that produced UserEntry is not shown
    // here; confirm it is encrypted and runs with the reset-password right.

    // Random password: 12 characters, at least 4 of them non-alphanumeric.
    // The value is not surfaced anywhere in this snippet; whoever needs it must receive
    // it over a protected channel, and it should never be written to a log.
    string newPassword = Membership.GeneratePassword(12, 4);

    // unicodePwd expects the password wrapped in double quotes and encoded as UTF-16LE.
    byte[] pwdBin = System.Text.Encoding.Unicode.GetBytes("\"" + newPassword + "\"");

    UserEntry.Properties["unicodePwd"].Value = pwdBin;
    UserEntry.CommitChanges();
    
  • 2020-11-27 14:48
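    /// <summary>
    /// Binds to the directory at <c>Path</c> with the supplied credentials, finds the
    /// account whose sAMAccountName equals <paramref name="userName"/>, sets its password
    /// to <paramref name="newPassword"/> and clears its lockout time.
    /// </summary>
    /// <param name="userName">Account name used both for the bind and as the search key.</param>
    /// <param name="Password">Password used for the bind.</param>
    /// <param name="newPassword">Password to set. It is never written to the log.</param>
    /// <remarks>
    /// SetPassword is an administrative reset (no old password is supplied), so the bound
    /// identity needs the reset-password right on the target account.
    /// NOTE(review): this method binds as the target user, who normally lacks that right;
    /// confirm the intended caller, or use ChangePassword for self-service changes.
    /// Failures are logged and not rethrown; an account that is not found is a silent no-op.
    /// </remarks>
    public void ResetPassword(string userName, string Password, string newPassword)
    {
        try
        {
            // Escape the characters that are special in an LDAP search filter (RFC 4515)
            // so a crafted user name cannot alter the filter. Backslash must be replaced first.
            string safeUserName = (userName ?? string.Empty)
                .Replace("\\", "\\5c")
                .Replace("*", "\\2a")
                .Replace("(", "\\28")
                .Replace(")", "\\29")
                .Replace("\0", "\\00");

            // using blocks release the underlying directory handles even when a call throws.
            using (DirectoryEntry directoryEntry = new DirectoryEntry(Path, userName, Password))
            using (DirectorySearcher searchEntry = new DirectorySearcher(directoryEntry))
            {
                searchEntry.Filter = "(samaccountname=" + safeUserName + ")";
                SearchResult result = searchEntry.FindOne();
                if (result == null)
                {
                    return;
                }

                using (DirectoryEntry userEntry = result.GetDirectoryEntry())
                {
                    userEntry.Invoke("SetPassword", new object[] { newPassword });

                    // The property write only reaches the directory on CommitChanges;
                    // without it the unlock is never persisted.
                    userEntry.Properties["lockouttime"].Value = 0;
                    userEntry.CommitChanges();
                }
            }
        }
        catch (Exception ex)
        {
            // InnerException is null for exceptions that are not wrappers; reading it
            // unconditionally would throw from inside the handler and hide the real error.
            Exception cause = ex.InnerException ?? ex;
            Log.Error("Password Can't Change:" + cause.Message);
        }
    }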
    
  • 2020-11-27 14:50

    Try this code. It works for me,

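    /// <summary>
    /// Binds as <paramref name="domainName"/>\<paramref name="userName"/> with the current
    /// password, finds that account by sAMAccountName and changes its password through
    /// ChangePassword, which supplies the old password along with the new one.
    /// </summary>
    /// <param name="domainName">Domain prefix used to build the bind name.</param>
    /// <param name="userName">Account name used for the bind and as the search key.</param>
    /// <param name="currentPassword">Existing password, used for the bind and the change.</param>
    /// <param name="newPassword">Password to set.</param>
    /// <remarks>
    /// Exceptions from the directory calls propagate to the caller with their original
    /// stack trace. An account that is not found is a silent no-op.
    /// </remarks>
    public void ChangeMyPassword(string domainName, string userName, string currentPassword, string newPassword)
    {
        // Placeholder address from the original answer.
        // NOTE(review): how the passwords are protected in transit depends on what is
        // negotiated with this server; a bare IP address presumably rules out Kerberos and
        // certificate name checks, so prefer an LDAPS-capable host name. Confirm for the
        // target environment.
        string ldapPath = "LDAP://192.168.1.xx";

        // Escape the characters that are special in an LDAP search filter (RFC 4515)
        // so a crafted user name cannot alter the filter. Backslash must be replaced first.
        string safeUserName = (userName ?? string.Empty)
            .Replace("\\", "\\5c")
            .Replace("*", "\\2a")
            .Replace("(", "\\28")
            .Replace(")", "\\29")
            .Replace("\0", "\\00");

        // using blocks release the underlying directory handles even when a call throws.
        using (DirectoryEntry directionEntry = new DirectoryEntry(ldapPath, domainName + "\\" + userName, currentPassword))
        using (DirectorySearcher search = new DirectorySearcher(directionEntry))
        {
            search.Filter = "(SAMAccountName=" + safeUserName + ")";
            SearchResult result = search.FindOne();
            if (result == null)
            {
                return;
            }

            using (DirectoryEntry userEntry = result.GetDirectoryEntry())
            {
                userEntry.Invoke("ChangePassword", new object[] { currentPassword, newPassword });
                userEntry.CommitChanges();
            }
        }

        // The former catch block only did "throw ex;", which resets the stack trace and
        // adds nothing else, so it was removed; the same exceptions still reach the caller.
    }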
    
  • 2020-11-27 14:55

    Here's a great Active Directory programming quick reference:

    Howto: (Almost) Everything In Active Directory via C#

    See the password reset code near the end.

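    /// <summary>
    /// Sets the password of the account at <paramref name="userDn"/> and clears its
    /// lockout time.
    /// </summary>
    /// <param name="userDn">Directory path of the user entry, passed to DirectoryEntry as-is.</param>
    /// <param name="password">Password to set.</param>
    /// <remarks>
    /// No credentials are passed to DirectoryEntry, so the bind is expected to use the
    /// identity the process runs as (NOTE(review): confirm). SetPassword is an
    /// administrative reset and needs the reset-password right on the target account.
    /// </remarks>
    public void ResetPassword(string userDn, string password)
    {
        // using releases the directory handle even if SetPassword or the commit throws.
        using (DirectoryEntry uEntry = new DirectoryEntry(userDn))
        {
            uEntry.Invoke("SetPassword", new object[] { password });
            uEntry.Properties["LockOutTime"].Value = 0; //unlock account

            // The property write above only reaches the directory on CommitChanges;
            // closing the entry without it drops the unlock.
            uEntry.CommitChanges();
        }
    }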
    
  • 2020-11-27 14:58

    You can use the UserPrincipal class' SetPassword method, provided you have enough privileges, once you've found the correct UserPrincipal object. Use FindByIdentity to look up the principal object in question.

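    // Looks up a domain user by sAMAccountName and sets a new password.
    // The password literals are placeholders from the original answer; real code should
    // take them from a protected input rather than from source.
    using (var context = new PrincipalContext( ContextType.Domain ))
    using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName ))
    {
        // FindByIdentity returns null when nothing matches; fail with a clear error
        // instead of a NullReferenceException on the next call.
        if (user == null)
        {
            throw new System.InvalidOperationException( "User not found." );
        }

        // Administrative reset: no old password is needed, but the caller must hold the
        // reset-password right on the account.
        user.SetPassword( "newpassword" );

        // Alternative for a self-service change, where the old password is known.
        // Use it instead of SetPassword, not after it: once SetPassword has run,
        // "oldPassword" is no longer the account's current password.
        // user.ChangePassword( "oldPassword", "newpassword" );

        user.Save();
    }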
    
  • 2020-11-27 15:01

    It is possible to set a new password on a domain account using .NET Framework 2.0. See the working code below:

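    // Resolves the user's distinguished name, binds to it over LDAP and resets the password.
    // Fixed from the original listing: two missing semicolons and the unopened ":389/"
    // string literal, which kept it from compiling.
    string domainfqdn = "mydomain.test.gov"; // fqdn of the domain
    string ldapPath = GetObjectDistinguishedName(objectClass.user, returnType.distinguishedName, args[0].ToString(), domainfqdn);
    ldapPath = "LDAP://" + domainfqdn + ":389/" + ldapPath;

    // NOTE(review): with null user name and password the bind is expected to use the
    // calling thread's security context; confirm against the DirectoryEntry documentation
    // and make sure that identity holds the reset-password right.
    // using releases the directory handle even when a call below throws.
    using (DirectoryEntry uEntry = new DirectoryEntry(ldapPath, null, null, AuthenticationTypes.Secure))
    {
        // Kept from the original; nothing has been modified yet at this point.
        // NOTE(review): presumably this only forces the bind. Confirm or remove.
        uEntry.CommitChanges();
        Console.WriteLine(ldapPath);

        // Sample value from the original answer. A real program should read the password
        // from a protected input instead of embedding it in source.
        string password = "myS3cr3tPass";
        uEntry.Invoke("SetPassword", new object[] { password });
        uEntry.Properties["LockOutTime"].Value = 0; //unlock account
        uEntry.CommitChanges();
    }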
    

    It is very important to check the parameters passed when creating uEntry: the code will run under the current thread's security context, unless the null values are specified.
